Skip to main content

Wed, Oct 17, 2018 9:37 AM

Answered

Brocade loop protect issues

Would it be possible for Ruckus to implement a similar loop protect to HP please? This seems to be work on a mac address level - which we prefer to doing it on every vlan. This causes a lot of extra traffic and causes switch management drop out across our network. It has been suggested to create one vlan for loop protect - which is a problem for us as we use Bradford Campus Manager for vlan switching. Also from a security point of view we wouldn't want this.

Responses

214 Messages

 • 

3.7K Points

2 years ago

Ruckus/Brocade already has this:
http://docs.ruckuswireless.com/fastiron/08.0.61/fastiron-08061-managementguide/GUID-385CA497-5068-46...

Oh, and YES it stops loops the same as the HP ProCurve Loop-Protect.  The downside is for ether vendor that Loop-Detection or Loop-Protection work only within the unit that sent out the frames looking for the loops.  This means if you have a loop that spans more than one physical chassis this mechanism is not effective at mitigating loops.  For that, we have Spanning-Tree, which also happens to be compatible between dissimilar vendors.

I can tell you from experience to be careful with Loop-Detection or Loop-Protection.  We have Avaya VoIP phones, which do not run spanning tree.  The problem is they have a built-in switch such that a phone can plug into a network jack then a computer into a phone.  When folks loop them, and those ports they loop them with happen to be on two different switch chassis, the loop-detection frame will come back on a fiber trunk just like that you drop an entire switch as its uplink port goes into errdisable.

To prevent that from happening, look at this:
http://docs.ruckuswireless.com/fastiron/08.0.61/fastiron-08061-managementguide/GUID-A45730FC-CC71-43...


Finally, let me point out that if you put your ICX family of switches into a Stack, they all become one logical chassis (i.e. the same switch), and Loop-Detection then works much better being any switch within the stack will recognize the loop-detection frame.

4 Messages

 • 

100 Points

Unfortunately I don’t think it works like HP loop-protect – the strict mode only detects loops on that port alone not between two ports. I have already mentioned the problem with loose mode.

 

We don’t put loop protect on the uplinks to avoid this problem and try to disable second ports on phones where possible.

 

Thanks


214 Messages

 • 

3.7K Points

It may not be identical, but it does mitigate loops just the same.

What we do is run it on the VLANS (Loose mode) then add arguments to the uplinks to avoid them being disabled.  Thus far it does work as does spanning-tree.

Honestly though Loops aren't much of a problem (outside of Education) ;-)

4 Messages

 • 

100 Points

I have to disagree loops can be a major problem when they happen. We would prefer the HP loop protect as it just works and doesn't have the problems the Brocade loop protect does.

1 Message

 • 

60 Points

I do agree with Martin. Coming from years of using HP switches, there are some things that Ruckus ICX switches seem to make overly complicated. I'll state for the record these things are rock solid and once they're set up they just work, but Ruckus could learn a thing or two from the ease of managing and initial setup of HP Procurves. 

That said, I was able to get loop detection to work on the ICX switch and it is acceptable. 

4 Messages

 • 

100 Points

We have a large network with many vlans - so the Brocade loop protect on vlan causes a lot of packets across the network. This slows down some HP switch management and the management on the Brocade 7150s plus we get dropouts on the other Brocades when monitoring them. We did prove it this by doing a mac filter to stop these packets however it overloads the switch doing that.